common/securis.git

similarity index 64%rename from securis/src/main/java/net/curisit/securis/security/SecurityInterceptor.javarename to securis/src/main/java/net/curisit/securis/ioc/RequestsInterceptor.java

..	..	@@ -1,4 +1,4 @@
1		-package net.curisit.securis.security;
	1	+package net.curisit.securis.ioc;
2	2
3	3	import java.io.IOException;
4	4	import java.lang.reflect.Method;
..	..	@@ -12,12 +12,17 @@
12	12	import javax.ws.rs.Priorities;
13	13	import javax.ws.rs.WebApplicationException;
14	14	import javax.ws.rs.container.ContainerRequestContext;
	15	+import javax.ws.rs.container.ContainerRequestFilter;
	16	+import javax.ws.rs.container.ContainerResponseContext;
	17	+import javax.ws.rs.container.ContainerResponseFilter;
15	18	import javax.ws.rs.core.Context;
16	19	import javax.ws.rs.core.Response;
17	20	import javax.ws.rs.core.Response.Status;
18	21	import javax.ws.rs.ext.Provider;
19	22
20	23	import net.curisit.securis.db.User;
	24	+import net.curisit.securis.security.BasicSecurityContext;
	25	+import net.curisit.securis.security.Securable;
21	26	import net.curisit.securis.utils.CacheTTL;
22	27	import net.curisit.securis.utils.TokenHelper;
23	28
..	..	@@ -32,8 +37,8 @@
32	37
33	38	@Provider
34	39	@Priority(Priorities.AUTHENTICATION)
35		-public class SecurityInterceptor implements javax.ws.rs.container.ContainerRequestFilter {
36		- private static final Logger LOG = LogManager.getLogger(SecurityInterceptor.class);
	40	+public class RequestsInterceptor implements ContainerRequestFilter, ContainerResponseFilter {
	41	+ private static final Logger LOG = LogManager.getLogger(RequestsInterceptor.class);
37	42
38	43	@Context
39	44	private HttpServletRequest servletRequest;
..	..	@@ -48,23 +53,43 @@
48	53	private Dispatcher dispatcher;
49	54
50	55	@Inject
51		- private EntityManager em;
	56	+ private EntityManagerProvider emProvider;
52	57
53	58	public void filter(ContainerRequestContext containerRequestContext) throws IOException {
	59	+ EntityManager em = emProvider.getEntityManager();
	60	+ ResteasyProviderFactory.pushContext(EntityManager.class, em);
54	61
55	62	ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) containerRequestContext
56	63	.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
57	64	Method method = methodInvoker.getMethod();
58	65
	66	+ LOG.info("Stored in context, em: {}, {}?", em, method.toGenericString());
	67	+
	68	+ boolean next = checkSecurableMethods(containerRequestContext, method);
	69	+ if (next) {
	70	+ prepareTransaction(containerRequestContext, method);
	71	+ }
	72	+ }
	73	+
	74	+ private void prepareTransaction(ContainerRequestContext containerRequestContext, Method method) {
	75	+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
	76	+
	77	+ if (method.isAnnotationPresent(EnsureTransaction.class)) {
	78	+ LOG.info("WE need transaction!!!");
	79	+ em.getTransaction().begin();
	80	+ }
	81	+ }
	82	+
	83	+ private boolean checkSecurableMethods(ContainerRequestContext containerRequestContext, Method method) {
59	84	if (!method.isAnnotationPresent(Securable.class)) {
60		- return;
	85	+ return true;
61	86	}
62	87	String token = servletRequest.getHeader(TokenHelper.TOKEN_HEADER_PÀRAM);
63	88	if (token == null \|\| !tokenHelper.isTokenValid(token)) {
64	89	LOG.info("Access denied to '{}', Token not valid.", servletRequest.getPathInfo());
65	90	containerRequestContext.abortWith(Response.status(Status.UNAUTHORIZED).build());
	91	+ return false;
66	92	} else {
67		- Securable sec = method.getAnnotation(Securable.class);
68	93
69	94	// If roles == 0 we only need to validate the token
70	95	String username = tokenHelper.extractUserFromToken(token);
..	..	@@ -76,15 +101,18 @@
76	101	containerRequestContext.setSecurityContext(scw);
77	102	// Next line provide injection in resource methods
78	103	ResteasyProviderFactory.pushContext(BasicSecurityContext.class, scw);
79		- ResteasyProviderFactory.pushContext(EntityManager.class, em);
80	104	LOG.debug("Added custom SecurityContext for user {}, orgs: {}", username, orgs);
81	105	}
	106	+ return true;
	107	+
82	108	}
83	109
84	110	private Set<Integer> getUserOrganizations(String username) {
85	111	@SuppressWarnings("unchecked")
86	112	Set<Integer> userOrgs = cache.get("orgs_" + username, Set.class);
87	113	if (userOrgs == null) {
	114	+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
	115	+
88	116	// Theorically this shouldn't be never null, but just in case...
89	117	User user = em.find(User.class, username);
90	118	if (user != null) {
..	..	@@ -103,6 +131,8 @@
103	131	}
104	132	Integer userRoles = cache.get("roles_" + username, Integer.class);
105	133	if (userRoles == null) {
	134	+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
	135	+
106	136	User user = em.find(User.class, username);
107	137	if (user != null) {
108	138	userRoles = 0;
..	..	@@ -123,4 +153,23 @@
123	153	return null;
124	154	}
125	155
	156	+ @Override
	157	+ public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
	158	+ EntityManager em = ResteasyProviderFactory.getContextData(EntityManager.class);
	159	+
	160	+ if (em != null && em.getTransaction().isActive()) {
	161	+ LOG.info("There is transaction go ahead...");
	162	+ if (responseContext.getStatus() == Status.OK.getStatusCode()) {
	163	+ em.getTransaction().commit();
	164	+ LOG.info("COMMIT");
	165	+ } else {
	166	+ em.getTransaction().rollback();
	167	+ LOG.info("ROLLBACK");
	168	+ }
	169	+ } else {
	170	+ LOG.info("There is NO transaction");
	171	+
	172	+ }
	173	+ }
	174	+
126	175	}